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VIA EMAIL (AG.BREACH@CT.GOV) AND OVERNIGHT MAIL 

Attorney General George Jepsen 
Office of the Attorney General 
55 Elm Street 
Hartford, CT 06106 

Re: Incident Notification 

Dear Attorney General Jepsen: 

We are writing on behalf of our client, Johnson, Hearn, Vinegar & Gee, PLLC (“Johnson 
Hearn”), to notify you of a security incident involving Connecticut residents. 

On January 16, 2017, our client became aware of a ransomware attack of their computer 
system. Our client immediately began an investigation, reset passwords, removed the server from 
the system, and began using a back-up of their system. As part of their investigation, Johnson 
Hearn engaged a leading forensic firm, and they determined that an unknown person remotely 
accessed a server which contained files that may have included individuals’ names, dates of 
birth, driver’s license numbers or state issued identification numbers, social security numbers, 
financial information such as checking/savings account numbers, financial investment 
information, payment card information, and health insurance numbers. Although no evidence has 
been found that the unknown person accessed or acquired personal information, the nature of the 
incident is such that we cannot rule out that possibility. 

Johnson Heam is notifying thirteen (13) Connecticut residents in substantially the same 
form as the letter attached hereto, with written notification commencing today, April 14, 2017. 1 
Notification is being made without unreasonable delay and pursuant to the investigation 
described above, which was necessary to determine the nature and scope of the incident; identify 
the individuals potentially affected; and restore the reasonable integrity of the data system. See 
Conn. Gen. Stat. § 36A-701b(b)(l). In addition, Johnson Hearn is offering affected individuals a 
complimentary one-year membership of Experian’s® IdentityWorks SM . This product offers 
affected individuals identity detection and resolution of identity theft. 
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To help prevent something like this from happening in the future, Johnson Hearn has 
enhanced the security of their systems. 

Please do not hesitate to contact me if you have any questions regarding this matter. 


Sincerely, 



Paulette M. Thomas 
Counsel 


Enclosures 


This report is not, and does not constitute, a waiver of personal jurisdiction. 
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Sample Customer April 14, 2017 

123 Sample St 
Apt 2 

Dublin, OH 43017 


Notification of Computer System Security Incident 

Dear Sample Customer: 

Johnson, Hearn, Vinegar, & Gee, PLLC is committed to maintaining the privacy and security of the client 
information. We are writing to inform you of a ransomware incident involving some of that information. 

On January 16, 2017, we became aware of a ransomware attack of our computer system. Ransomware is used by an 
Internet-based attacker to remotely lock the victim’s computer system. The attacker then demands that a ransom be 
paid to remove the restriction. Fortunately, our virus software was able to stop the attack. 

We immediately began an investigation, reset passwords, removed the server from the system, and began using a 
back-up to our system. As part of our investigation, we engaged a leading forensic firm, and it determined that an 
unknown person remotely accessed a server which contained files that may have included your name, address, date 
of birth, driver’s license number or state issued identification number, social security number, financial information, 
such as checking/savings account numbers, or financial investment information, payment card information, and 
health insurance numbers. We have found no evidence that client information was accessed or acquired by the 
attackers, or that your information has been used in any way. However, the nature of the incident is such that we 
cannot rule out that possibility. 

Out of an abundance of caution, we wanted to notify you of this incident and offer you a complimentary one-year 
membership of Experian’s® IdentityWorks SM . This product provides you with identity detection and resolution of 
identity theft and does not require any action on your part at this time. The Terms and Conditions for this offer are 
located at www.ExperianIDWorks.com/restoration . While Identity Restoration assistance is immediately available 
to you, we also encourage you to activate the fraud detection tools available through Experian Identity Works. SM For 
instructions on how to activate your complimentary one-year membership, please see the attachment enclosed with 
this letter. 


We deeply regret any inconvenience or concern this may cause you. To help prevent something like this from 
happening in the future, we have enhanced the security of our systems. If you have any questions please call (855) 
474-3854, or for international calls (330) 333-7258, from 9 a.m. to 5 p.m. Eastern Time, Monday through Friday. 


Sincerely, 



/ 


George G. Hearn 
Managing Member 
Enc. (2 pages) 
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Activate IdentityWorks SM in Three Easy Steps 

To start monitoring your personal information please follow the steps below: 

• Ensure that you enroll by: July 31,2017 (Your code will not work after this date.) 

• Visit the Experian Identity Works website to enroll: www.experianidworks.com/creditone 

• Provide your activation code: ABC123 

If you have questions about the product, need assistance with identity restoration that arose as a result of 
this incident or would like an alternative to enrolling in Experian IdentityWorks online, please contact 
Experian’s customer care team at 877-890-9332 by July 31, 2017. Be prepared to provide engagement 
number DB01441 as proof of eligibility for the identity restoration services by Experian. 

ADDITIONAL DETAILS REGARDING YOUR 12-MONTH EXPERIAN IDENTITYWORKS 
MEMBERSHIP: 

A credit card is not required for enrollment in Experian IdentityWorks. 

You can contact Experian immediately regarding any fraud issues, and have access to the following 
features once you enroll in Experian IdentityWorks: 

■ Experian credit report at signup: See what information is associated with your credit file. 
Daily credit reports are available for online members only.* 

■ Credit Monitoring: Actively monitors Experian, Equifax and Transunion files for indicators of 
fraud. 

■ Internet Surveillance: Technology searches the web, chat rooms & bulletin boards 24/7 to 
identify trading or selling of your personal information on the Dark Web. 

■ Identity Restoration: Identity Restoration specialists are immediately available to help you 
address credit and non-credit related fraud. 

■ Experian IdentityWorks ExtendCARE 1M : You receive the same high-level of Identity 
Restoration support even after your Experian IdentityWorks membership has expired. 

■ $1 Million Identity Theft Insurance**: Provides coverage for certain costs and unauthorized 
electronic fund transfers. 

What you can do to protect your information: There are additional actions you can consider taking to 
reduce the chances of identity theft or fraud on your account(s). Please refer to 
www.ExperianIDWorks.com/restoration for this information. 

Even if you choose not to take advantage of this free credit monitoring service, we recommend that you 
remain vigilant to the possibility of fraud and identity theft by reviewing your credit card, bank, 
and other financial statements for any unauthorized activity. You may also obtain a copy of your 
credit report, free of charge, directly from each of the three nationwide credit reporting agencies. 
To order your credit report, free of charge, once every twelve months, please visit 
www.annualcreditreport.com or call toll-free at 1-877-322-8228. Contact information for the three 
nationwide credit reporting agencies is as follows: 









Page 2 


Equifax 

PO Box 740241 
Atlanta,GA30374 
www.equifax.com 
1-800-685-1111 


Experian 
PO Box 2002 
Allen, TX 75013 
www .experian. com 
1-888-397-3742 


TransUnion 
PO Box 2000 
Chester, PA 19016 
www.transunion.com 
1-800-916-8800 


If you believe you are the victim of identity theft or have reason to believe your personal information has 
been misused, you should contact the Federal Trade Commission. Contact information for the Federal 
Trade Commission is as follows: 


Federal Trade Commission 
600 Pennsylvania Avenue, NW 
Washington, DC 20580 
www.ftc. sov/idtheft 
(877) 438-4338 

You can obtain information from these sources about steps an individual can take to avoid identity theft 
as well as information about fraud alerts and security freezes. You should also contact your local law 
enforcement authorities and file a police report. Obtain a copy of the police report in case you are asked 
to provide copies to creditors to correct your records. 


* Offline members will be eligible to call for additional reports quarterly after enrolling. 

** Identity theft insurance is underwritten by insurance company subsidiaries or affiliates of American 
International Group, Inc. (AIG). The description herein is a summary and intended for informational 
purposes only and does not include all terms, conditions and exclusions of the policies described. Please 
refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be 
available in all jurisdictions. 








